Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/57DZNjoiDXW7-ZB8Rs68bT_CtcM.roa
File: 57DZNjoiDXW7-ZB8Rs68bT_CtcM.roa (raw, json)
Hash identifier: wD6VL1n6hSStHAMDESQYxm43XjZpav7PGcYoGa+jcZ8=
Subject key identifier: E7:B0:D9:36:3A:22:0D:75:BB:F9:90:7C:46:CE:BC:6D:3F:C2:B5:C3
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 0A82332A
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/57DZNjoiDXW7-ZB8Rs68bT_CtcM.roa
Signing time: Sat 01 Jan 2022 02:54:18 +0000
ROA not before: Sat 01 Jan 2022 02:54:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47458
IP address blocks: 89.46.122.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176304938 (0xa82332a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: Jan 1 02:54:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7b0d9363a220d75bbf9907c46cebc6d3fc2b5c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1a:28:a9:a6:6c:e9:2f:cf:38:72:1b:b7:f3:
3f:3b:55:a5:d9:ac:a9:14:8c:6a:f7:86:2f:74:a4:
fc:c5:be:d4:7e:25:2f:48:40:25:f2:05:58:61:67:
8e:b2:66:81:34:54:23:8f:36:bd:c0:07:0b:49:5c:
a2:45:98:f4:9a:66:fe:06:52:9e:b6:1a:81:61:57:
fe:27:9d:bc:4e:69:e0:fd:30:13:3a:90:52:cc:a8:
a9:ab:2f:da:13:20:85:94:57:b8:19:d6:9c:75:54:
fa:aa:98:c3:ab:0f:39:ff:41:10:22:98:9b:4e:98:
3c:b1:fe:a6:33:e1:fe:73:ad:f6:53:14:ab:82:61:
44:dd:38:6d:ce:6c:fb:b5:b6:a4:ca:e2:c0:98:ba:
a7:33:35:99:73:45:4a:50:e8:29:6f:5c:63:ec:a4:
80:89:5d:58:87:00:f7:31:e4:84:53:80:6f:ce:c6:
dc:4c:ce:4a:f5:08:9a:cb:9e:66:12:ec:77:d1:73:
fc:97:ed:e6:9f:16:63:e8:f8:73:22:4d:82:39:e7:
5a:4c:75:d3:77:5f:db:0d:40:c5:94:b9:dd:24:ee:
5b:b1:22:aa:b3:62:4d:9f:ea:a7:65:87:a7:fe:56:
29:67:94:56:19:6e:b6:43:e2:35:e7:63:3f:bb:1f:
49:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B0:D9:36:3A:22:0D:75:BB:F9:90:7C:46:CE:BC:6D:3F:C2:B5:C3
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/57DZNjoiDXW7-ZB8Rs68bT_CtcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.122.0/24
Signature Algorithm: sha256WithRSAEncryption
99:26:f0:77:fa:3b:e1:fc:15:14:66:96:b7:cd:8e:6c:20:f1:
01:c7:12:b5:66:09:59:be:7f:42:b2:35:20:8e:28:39:dc:23:
47:44:df:88:31:5b:12:d3:9d:8a:3a:42:21:6d:f2:5d:80:ff:
72:24:c8:6f:ad:3b:71:e6:33:00:f2:c3:00:a8:77:da:2d:d6:
1e:b7:c2:0d:8a:c7:71:f0:df:0c:25:ad:82:3e:86:0f:1d:1d:
80:9d:3b:3c:bf:26:5f:79:e5:42:41:66:d0:93:05:1c:af:28:
4c:4f:e8:fe:cd:02:95:3a:b4:70:c8:42:4b:73:ad:11:8c:b8:
92:e2:aa:38:13:56:9d:31:11:1b:21:6a:2d:df:46:96:d7:25:
28:46:3b:e1:3d:b0:d1:3d:0f:f2:8b:67:6c:43:98:ad:e2:70:
fb:79:f0:1a:dc:b7:28:da:52:47:cc:6f:b9:78:8b:68:49:76:
46:be:8b:93:23:5c:f3:06:83:a2:b2:6f:78:7d:fc:c9:97:25:
81:64:66:22:f4:81:1d:df:67:03:f2:08:c7:43:73:9f:9c:ff:
b1:2c:b0:70:02:07:36:c8:f0:de:29:3d:85:e8:a3:1b:a9:d5:
d3:fd:3c:46:50:81:d7:e3:4d:83:84:fa:fd:a3:9b:77:f4:9d:
88:76:33:b7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECoIzKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MGMyMGFlMWRhY2NhMzE4MTViMjc0NzAyOTI3YzFhNWE5ZGJjN2IzMB4XDTIyMDEw
MTAyNTQxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTdiMGQ5MzYzYTIy
MGQ3NWJiZjk5MDdjNDZjZWJjNmQzZmMyYjVjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOAaKKmmbOkvzzhyG7fzPztVpdmsqRSMaveGL3Sk/MW+1H4l
L0hAJfIFWGFnjrJmgTRUI482vcAHC0lcokWY9Jpm/gZSnrYagWFX/iedvE5p4P0w
EzqQUsyoqasv2hMghZRXuBnWnHVU+qqYw6sPOf9BECKYm06YPLH+pjPh/nOt9lMU
q4JhRN04bc5s+7W2pMriwJi6pzM1mXNFSlDoKW9cY+ykgIldWIcA9zHkhFOAb87G
3EzOSvUImsueZhLsd9Fz/Jft5p8WY+j4cyJNgjnnWkx103df2w1AxZS53STuW7Ei
qrNiTZ/qp2WHp/5WKWeUVhlutkPiNedjP7sfSacCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTnsNk2OiINdbv5kHxGzrxtP8K1wzAfBgNVHSMEGDAWgBSwwgrh2syjGBWy
dHApJ8GlqdvHszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NNSUs0ZHJNb3hnVnNuUndLU2ZCcGFuYng3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvODg4ODY5LTdhNjUtNDE1Yi1iNjhmLTU0ODQ0MDJjZWI3YS8x
LzU3RFpOam9pRFhXNy1aQjhSczY4YlRfQ3RjTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
ODg4ODY5LTdhNjUtNDE1Yi1iNjhmLTU0ODQ0MDJjZWI3YS8xL3NNSUs0ZHJNb3hn
VnNuUndLU2ZCcGFuYng3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkuejANBgkqhkiG9w0BAQsFAAOC
AQEAmSbwd/o74fwVFGaWt82ObCDxAccStWYJWb5/QrI1II4oOdwjR0TfiDFbEtOd
ijpCIW3yXYD/ciTIb607ceYzAPLDAKh32i3WHrfCDYrHcfDfDCWtgj6GDx0dgJ07
PL8mX3nlQkFm0JMFHK8oTE/o/s0ClTq0cMhCS3OtEYy4kuKqOBNWnTERGyFqLd9G
ltclKEY74T2w0T0P8otnbEOYreJw+3nwGty3KNpSR8xvuXiLaEl2Rr6LkyNc8waD
orJveH38yZclgWRmIvSBHd9nA/IIx0Nzn5z/sSywcAIHNsjw3ik9heijG6nV0/08
RlCB1+NNg4T6/aObd/SdiHYztw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org